for-resource api call is returning deleted policies

Abhay Kulkarni Wed, 05 Feb 2020 13:57:09 -0800

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72086/
-----------------------------------------------------------


Review request for ranger, Madhan Neethiraj and Velmurugan Periasamy.


Bugs: RANGER-2722
    https://issues.apache.org/jira/browse/RANGER-2722


Repository: ranger


Description
-------

Scenario:
1. Create a policy in a hive service for database='testdb1'.
2. Ensure that no tag service is associated with this  hive service.

3. Delete all policies from the hive service.

Although, a get call to fetch all policies in ranger does not return any policy 
for hive service, an api call 
<ranger_url>/service/public/v2/api/policies/hive/for-resource?resource:database='testdb1'
 returns deleted policies.

If there are no policies for a service, currently, the code preserves the old 
engine (with assumption that there must have been some error fetching the 
policies). The fix is to support creation of policy engine with no policies in 
such case.


Diffs
-----

  
security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyAdminCache.java 
266bfbb23 


Diff: https://reviews.apache.org/r/72086/diff/1/


Testing
-------

Tested with cluster by deleting policies from a hive service. Ensured that when 
the last policy is deleted, 'for-resource' API call returns zero policies.


Thanks,

Abhay Kulkarni

Review Request 72086: RANGER-2722: policies/hive/for-resource api call is returning deleted policies

Reply via email to